Results 1 to 2 of 2

Thread: PHP Security Issues

  1. #1

    Thread Starter
    Lively Member Bolerophone's Avatar
    Join Date
    Dec 2003
    Location
    Himalayas
    Posts
    123

    Lightbulb PHP Security Issues

    Hi

    Here is an article I found,that may be usefult to many of us.

    PHP Security Threats

    Amresh
    Jobs: "Do u want to sell colored sugar water or change the world?"

    Get Firefox Now!!!
    Mendhak leaving town.

  2. #2
    VBA Nutter visualAd's Avatar
    Join Date
    Apr 2002
    Location
    Ickenham, UK
    Posts
    4,906

    Re: PHP Security Issues

    That's a nice article. Good find

    A few other points too. Since that article was written the register globals setting in the php.ini file has been disabled by default. You would have to be a complete nutter to turn it on or to write your scripts assuming that it is turned on. There are also a few other things which you should take into consideration when writing script, especially if they are intended for use in a public domain:
    • As well as running PHP in safe mode, ensure that the interpreter itself or the web server process running the PHP interpreter is not a root or Admin user who has full access to the system.
    • Turn off the display of errors by setting the display_errors directive to off and redirect any errors to a log file. This is explained here.


    I have added a link to this thread to the PHP FAQ - Thanks
    PHP || MySql || Apache || Get Firefox || OpenOffice.org || Click || Slap ILMV || 1337 c0d || GotoMyPc For FREE! Part 1, Part 2

    | PHP Session --> Database Handler * Custom Error Handler * Installing PHP * HTML Form Handler * PHP 5 OOP * Using XML * Ajax * Xslt | VB6 Winsock - HTTP POST / GET * Winsock - HTTP File Upload

    Latest quote: crptcblade - VB6 executables can't be decompiled, only disassembled. And the disassembled code is even less useful than I am.

    Random VisualAd: Blog - Latest Post: When the Internet becomes Electricity!!


    Spread happiness and joy. Rate good posts.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width